FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W3214437258> ?p ?o ?g. }

• W3214437258 abstract "Machine learning (ML) has been widely adopted in various privacy-critical applications, e.g., face recognition and medical image analysis. However, recent research has shown that ML models are vulnerable to attacks against their training data. Membership inference is one major attack in this domain: Given a data sample and model, an adversary aims to determine whether the sample is part of the model's training set. Existing membership inference attacks leverage the confidence scores returned by the model as their inputs (score-based attacks). However, these attacks can be easily mitigated if the model only exposes the predicted label, i.e., the final model decision. In this paper, we propose decision-based membership inference attacks and demonstrate that label-only exposures are also vulnerable to membership leakage. In particular, we develop two types of decision-based attacks, namely transfer attack and boundary attack. Empirical evaluation shows that our decision-based attacks can achieve remarkable performance, and even outperform the previous score-based attacks in some cases. We further present new insights on the success of membership inference based on quantitative and qualitative analysis, i.e., member samples of a model are more distant to the model's decision boundary than non-member samples. Finally, we evaluate multiple defense mechanisms against our decision-based attacks and show that our two types of attacks can bypass most of these defenses." @default.
• W3214437258 created "2021-11-22" @default.
• W3214437258 creator A5022802322 @default.
• W3214437258 creator A5060335470 @default.
• W3214437258 date "2021-11-12" @default.
• W3214437258 modified "2023-10-17" @default.
• W3214437258 title "Membership Leakage in Label-Only Exposures" @default.
• W3214437258 cites W1873763122 @default.
• W3214437258 cites W2040228409 @default.
• W3214437258 cites W2051267297 @default.
• W3214437258 cites W2795435272 @default.
• W3214437258 cites W2884943453 @default.
• W3214437258 cites W2897830718 @default.
• W3214437258 cites W2963671154 @default.
• W3214437258 cites W2965527189 @default.
• W3214437258 cites W2990980946 @default.
• W3214437258 cites W3102111060 @default.
• W3214437258 cites W3104224589 @default.
• W3214437258 cites W3138758728 @default.
• W3214437258 cites W9657784 @default.
• W3214437258 doi "https://doi.org/10.1145/3460120.3484575" @default.
• W3214437258 hasPublicationYear "2021" @default.
• W3214437258 type Work @default.
• W3214437258 sameAs 3214437258 @default.
• W3214437258 citedByCount "51" @default.
• W3214437258 countsByYear W32144372582021 @default.
• W3214437258 countsByYear W32144372582022 @default.
• W3214437258 countsByYear W32144372582023 @default.
• W3214437258 crossrefType "proceedings-article" @default.
• W3214437258 hasAuthorship W3214437258A5022802322 @default.
• W3214437258 hasAuthorship W3214437258A5060335470 @default.
• W3214437258 hasBestOaLocation W32144372582 @default.
• W3214437258 hasConcept C119857082 @default.
• W3214437258 hasConcept C12267149 @default.
• W3214437258 hasConcept C124101348 @default.
• W3214437258 hasConcept C153083717 @default.
• W3214437258 hasConcept C154945302 @default.
• W3214437258 hasConcept C185592680 @default.
• W3214437258 hasConcept C198531522 @default.
• W3214437258 hasConcept C2776214188 @default.
• W3214437258 hasConcept C2779201187 @default.
• W3214437258 hasConcept C38652104 @default.
• W3214437258 hasConcept C41008148 @default.
• W3214437258 hasConcept C41065033 @default.
• W3214437258 hasConcept C42023084 @default.
• W3214437258 hasConcept C43617362 @default.
• W3214437258 hasConcept C51632099 @default.
• W3214437258 hasConcept C65856478 @default.
• W3214437258 hasConceptScore W3214437258C119857082 @default.
• W3214437258 hasConceptScore W3214437258C12267149 @default.
• W3214437258 hasConceptScore W3214437258C124101348 @default.
• W3214437258 hasConceptScore W3214437258C153083717 @default.
• W3214437258 hasConceptScore W3214437258C154945302 @default.
• W3214437258 hasConceptScore W3214437258C185592680 @default.
• W3214437258 hasConceptScore W3214437258C198531522 @default.
• W3214437258 hasConceptScore W3214437258C2776214188 @default.
• W3214437258 hasConceptScore W3214437258C2779201187 @default.
• W3214437258 hasConceptScore W3214437258C38652104 @default.
• W3214437258 hasConceptScore W3214437258C41008148 @default.
• W3214437258 hasConceptScore W3214437258C41065033 @default.
• W3214437258 hasConceptScore W3214437258C42023084 @default.
• W3214437258 hasConceptScore W3214437258C43617362 @default.
• W3214437258 hasConceptScore W3214437258C51632099 @default.
• W3214437258 hasConceptScore W3214437258C65856478 @default.
• W3214437258 hasFunder F4320325698 @default.
• W3214437258 hasLocation W32144372581 @default.
• W3214437258 hasLocation W32144372582 @default.
• W3214437258 hasOpenAccess W3214437258 @default.
• W3214437258 hasPrimaryLocation W32144372581 @default.
• W3214437258 hasRelatedWork W2906998334 @default.
• W3214437258 hasRelatedWork W2950853953 @default.
• W3214437258 hasRelatedWork W3081595899 @default.
• W3214437258 hasRelatedWork W3127447688 @default.
• W3214437258 hasRelatedWork W3193356606 @default.
• W3214437258 hasRelatedWork W3213187311 @default.
• W3214437258 hasRelatedWork W4200202829 @default.
• W3214437258 hasRelatedWork W4287703079 @default.
• W3214437258 hasRelatedWork W4297196038 @default.
• W3214437258 hasRelatedWork W4382603363 @default.
• W3214437258 isParatext "false" @default.
• W3214437258 isRetracted "false" @default.
• W3214437258 magId "3214437258" @default.
• W3214437258 workType "article" @default.